Avg Release Cycle
- 👌 Support for secret keys other than "oct" which provides support for signature algorithms other than HSxxx. See #122
- 🛠 Fix incorrect param name in channel
- 🌲 Tighten up log calls
- 🛠 Fix moar typos
- General code cleanup
- Loosen poison requirement to >= 1.3.0
- 👉 Use existing resource on conn if already present
- 🛠 Fix refresh to correctly use revoke
- 🛠 Fix error in Guardian.Plug.ErrorHandler when Accept header is unset.
- ➕ Adding Guardian.Plug.EnsureNotAuthenticated to validates that user isn't logged
- 🛠 Fix bug where TTL was not able to be set when generating tokens
- ➕ Add a Guardian.Phoenix.Socket module and refactor Guardian.Channel
- ⚡️ Update JOSE to Version 1.6.0. Version 1.6.0 of erlang-jose ➕ adds the ability of using libsodium and SHA-3 (keccack) algorithms. This improves speed a lot.
- ➕ Adds travis
- ➕ Adds ability to use custom secrets
- 👍 Allows peeking at the contents of the token
- Stop compiling permissions. This leads to weird bugs when permissions are changed but not recompiled
- ✂ Remove internal calls to Dict
- Store the type of the token in the typ field rather than the aud field The aud field should default to the sub or failing that, the iss. This is to facilitate implementing an OAuth provider or just allowing folks to declare their own audience.
- 🛠 Fix a bug with logout where it was not checking the session, only the assigns This meant that if you had not verified the session the token would not be revoked.
- ➕ Adds basic Phoenix controller helpers
- ✂ Remove Joken from the dependencies and use JOSE instead.
- ➕ Add a refresh! function
- ➕ Adds Guardian.Plug.authenticated?
- ➕ Adds simple claim checks to EnsureAuthenticated
- 🛠 Fix an issue with permissions strings vs atoms (not encoding correctly)
Guardian.mint -> Guardian.encode_and_sign Guardian.verify -> Guardian.decode_and_verify Guardian.Plug.EnsureSession -> Guardian.Plug.EnsureAuthenticated Guardian.Plug.VerifyAuthorization -> Guardian.Plug.VerifyHeader